StackRox Enhances Container Security Platform with Deeper Kubernetes Integrations
January 30, 2019

StackRox announced new capabilities in the StackRox Container Security Platform that leverage the platform’s multiple integrations with Kubernetes.

The latest enhancements allow businesses to gain a deployment-centric view of their environment, quickly prioritize risks based on rich context, leverage Kubernetes for robust and scalable policy enforcement, and significantly improve the security of their container and Kubernetes environments.

New capabilities available in the latest release of the StackRox Container Security Platform include:

- Deployment-Centric Visibility. StackRox’s deep integration with Kubernetes delivers visibility centered around deployments versus simply an image, enabling DevOps and Security teams to speak a common language and eliminate confusion. DevOps and Security teams can quickly visualize all of their deployments and pods across namespaces and clusters. Visibility at the deployment level is essential to managing policies and addressing misconfigurations effectively in a Kubernetes environment.

- Multi-Factor Risk Profiling. StackRox leverages its integration with Kubernetes to deliver deeper insight into cluster details, labels and annotations, privileges, secrets, and network reachability to more accurately prioritize risks. Details such as whether a cluster is running in test or production, the owner of the application, the type of data and secrets accessed, and the network configuration of the deployment (e.g., is it reachable from the Internet) all provide helpful context far beyond vulnerability data.

- Network Policy Management. StackRox network policy enforcement capabilities include the newly added network graph, policy recommendation engine, and policy simulator. These features all tie into Kubernetes to enable a robust, scalable, and portable solution for network segmentation. The network graph displays allowed versus actively used communications paths among namespaces and deployments as well as Internet reachability of deployments. The policy recommendation engine provides actionable steps to disable unnecessary communications paths among these assets. The policy simulator enables DevOps and Security teams to preview new network policies, visualize their network connectivity paths, and confirm the policies are accurate before applying them in Kubernetes.

“As Kubernetes continues its astonishing pace of adoption as the orchestrator of choice for cloud-native environments, it becomes an increasingly attractive target for attackers. Given that many organizations are still getting educated on Kubernetes security best practices, they are at increased risk for exposing their applications and data,” said Wei Lien Dang, StackRox VP of Product. “The StackRox mission is to deliver a platform for DevOps and Security teams alike to operationalize security for their Kubernetes and container environments. We developed our new capabilities for better visibility, richer context, and stronger enforcement – tied to our deep integrations with Kubernetes – to provide more ways to reduce the container attack surface, mitigate known vulnerabilities, and limit the impact of attacks efficiently and effectively.”

Deployed as a set of containers using Kubernetes YAML files or Helm charts, the StackRox Container Security Platform supports all Kubernetes deployment modes, including self-managed clusters; managed services such as Amazon EKS, Azure AKS, and Google GKE; and Kubernetes distributions such as Red Hat OpenShift and Docker Enterprise Edition.

These new capabilities are available in the current release of the StackRox Container Security Platform.

Share this

Industry News

October 02, 2023

Spectro Cloud announced Palette EdgeAI to simplify how organizations deploy and manage AI workloads at scale across simple to complex edge locations, such as retail, healthcare, industrial automation, oil and gas, automotive/connected cars, and more.

September 28, 2023

Kong announced Kong Konnect Dedicated Cloud Gateways, the simplest and most cost-effective way to run Kong Gateways in the cloud fully managed as a service and on enterprise dedicated infrastructure.

September 28, 2023

Sisense unveiled the public preview of Compose SDK for Fusion.

September 28, 2023

Cloudflare announced Hyperdrive to make every local database global. Now developers can easily build globally distributed applications on Cloudflare Workers, the serverless developer platform used by over one million developers, without being constrained by their existing infrastructure.

September 27, 2023

Kong announced full support for Kong Mesh in Konnect, making Kong Konnect an API lifecycle management platform with built-in support for Kong Gateway Enterprise, Kong Ingress Controller and Kong Mesh via a SaaS control plane.

September 27, 2023

Vultr announced the launch of the Vultr GPU Stack and Container Registry to enable global enterprises and digital startups alike to build, test and operationalize artificial intelligence (AI) models at scale — across any region on the globe. \

September 27, 2023

Salt Security expanded its partnership with CrowdStrike by integrating the Salt Security API Protection Platform with the CrowdStrike Falcon® Platform.

September 26, 2023

Progress announced a partnership with Software Improvement Group (SIG), an independent technology and advisory firm for software quality, security and improvement, to help ensure the long-term maintainability and modernization of business-critical applications built on the Progress® OpenEdge® platform.

September 26, 2023

Solace announced a new version of its Solace Event Portal solution that gives organizations with Apache Kafka deployments better visibility into, and control over, their Kafka event streams, brokers and associated assets.

September 26, 2023

Reply launched a proprietary framework for generative AI-based software development, KICODE Reply.

September 26, 2023

Harness announced the industry-wide Engineering Excellence Collective™, an engineering leadership community.

September 25, 2023

Harness announced four new product modules on the Harness platform.

September 25, 2023

Sylabs announced the release of SingularityCE 4.0.

September 25, 2023

Timescale announced the launch of Timescale Vector, enabling developers to build production AI applications at scale with PostgreSQL.